Saltstack Official Salt Formula

11 роки тому
11 роки тому
11 роки тому
11 роки тому
11 роки тому
11 роки тому
11 роки тому
11 роки тому
10 роки тому
7 роки тому
8 роки тому
7 роки тому
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334
  1. salt:
  2. # Set this to true to clean any non-salt-formula managed files out of
  3. # /etc/salt/{master,minion}.d ... You really don't want to do this on 2015.2
  4. # and up as it'll wipe out important files that Salt relies on.
  5. clean_config_d_dir: False
  6. # This state will remove "/etc/salt/minion" when you set this to true.
  7. minion_remove_config: True
  8. # This state will remove "/etc/salt/master" when you set this to true.
  9. master_remove_config: True
  10. # Set this to False to not have the formula install packages (in the case you
  11. # install Salt via git/pip/etc.)
  12. install_packages: True
  13. # Optional: set salt version (if install_packages is set to True)
  14. version: 2017.7.2-1.el7
  15. # to overwrite map.jinja salt packages
  16. lookup:
  17. salt_master: 'salt-master'
  18. salt_minion: 'salt-minion'
  19. salt_syndic: 'salt-syndic'
  20. salt_cloud: 'salt-cloud'
  21. salt_ssh: 'salt-ssh'
  22. pyinotify: 'python-pyinotify' the package to be installed for pyinotify
  23. # Set which release of SaltStack to use, default to 'latest'
  24. # To get the available releases:
  25. # * http://repo.saltstack.com/yum/redhat/7/x86_64/
  26. # * http://repo.saltstack.com/apt/debian/8/amd64/
  27. release: "2016.11"
  28. # salt master config
  29. master:
  30. fileserver_backend:
  31. - git
  32. - s3fs
  33. - roots
  34. gitfs_remotes:
  35. - git://github.com/saltstack-formulas/salt-formula.git:
  36. - base: develop
  37. s3.keyid: GKTADJGHEIQSXMKKRBJ08H
  38. s3.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
  39. s3.buckets:
  40. - bucket1
  41. - bucket2
  42. - bucket3
  43. - bucket4
  44. file_roots:
  45. base:
  46. - /srv/salt
  47. pillar_roots:
  48. base:
  49. - /srv/pillar
  50. # for salt-api with tornado rest interface
  51. rest_tornado:
  52. port: 8000
  53. ssl_crt: /etc/pki/api/certs/server.crt
  54. ssl_key: /etc/pki/api/certs/server.key
  55. debug: False
  56. disable_ssl: False
  57. # for profile configuration as https://docs.saltstack.com/en/latest/topics/tutorials/lxc.html#tutorial-lxc-profiles
  58. lxc.container_profile:
  59. debian:
  60. template: download
  61. options:
  62. dist: debian
  63. release: jessie
  64. arch: amd64
  65. backing: lvm
  66. vgname: kimsufi
  67. size: 10G
  68. lxc.network_profile:
  69. basic:
  70. eth0:
  71. link: lxcbr0
  72. type: veth
  73. flags: up
  74. ## for external auth - LDAP
  75. # filter to use for Active Directory LDAP
  76. auth.ldap.filter: {% raw %}'sAMAccountName={{username}}'{% endraw %}
  77. # filter to use for Most other LDAP servers
  78. auth.ldap.filter: {% raw %}'uid={{ username }}'{% endraw %}
  79. # Define winrepo provider, by default support order is pygit2, gitpython
  80. # Set to gitpython for Debian & Ubuntu to get around saltstack/salt#35993
  81. # where pygit2 is not compiled with pygit2.GIT_FEATURE_HTTPS support
  82. winrepo_provider: gitpython
  83. # optional engine configuration
  84. engines:
  85. - slack:
  86. token: xoxp-XXXXX-XXXXXXX # use Slack's legacy API token
  87. control: True
  88. valid_users:
  89. - someuser
  90. - otheruser
  91. valid_commands:
  92. - test.ping
  93. - list_jobs
  94. aliases:
  95. list_jobs:
  96. type: runner
  97. cmd: jobs.list_jobs
  98. # optional: these reactors will be configured on the master
  99. # They override reactors configured in
  100. # 'salt:reactors' or the old 'salt:reactor' parameters
  101. reactors:
  102. - 'master/deploy':
  103. - /srv/salt/reactors/deploy.sls
  104. # salt minion config:
  105. minion:
  106. # single master setup
  107. master: salt
  108. # multi master setup
  109. #master:
  110. #- salt_master_1
  111. #- salt_master_2
  112. fileserver_backend:
  113. - git
  114. - roots
  115. gitfs_remotes:
  116. - git://github.com/saltstack-formulas/salt-formula.git:
  117. - base: develop
  118. file_roots:
  119. base:
  120. - /srv/salt
  121. pillar_roots:
  122. base:
  123. - /srv/pillar
  124. module_config:
  125. test: True
  126. test.foo: foo
  127. test.bar:
  128. - baz
  129. - quo
  130. test.baz:
  131. spam: sausage
  132. cheese: bread
  133. # salt mine setup
  134. mine_interval: 60
  135. # mine_functions can be set at the top level of the pillar, and
  136. # that is preferable because it doesn't affect the conf file and
  137. # doesn't require a minion restart. However, you can configure it
  138. # here instead if you really want to.
  139. mine_functions:
  140. network.interface_ip: [eth0]
  141. # Define a minion scheduler
  142. schedule:
  143. - highstate:
  144. - function: state.apply
  145. - minutes: 60
  146. - returner: redis
  147. # other 'non-default' config
  148. auth_keytab: /root/auth.keytab
  149. auth_principal: kadmin/admin
  150. # optional engine configuration
  151. engines:
  152. - slack:
  153. token: xoxp-XXXXX-XXXXXXX # use Slack's legacy API token
  154. control: True
  155. valid_users:
  156. - someuser
  157. - otheruser
  158. valid_commands:
  159. - test.ping
  160. - list_jobs
  161. aliases:
  162. list_jobs:
  163. type: runner
  164. cmd: jobs.list_jobs
  165. # optional beacons configuration
  166. beacons:
  167. load:
  168. 1m:
  169. - 0.0
  170. - 2.0
  171. 5m:
  172. - 0.0
  173. - 1.5
  174. 15m:
  175. - 0.1
  176. - 1.0
  177. interval: 10
  178. # Optional reactors: these reactors will be configured on the minion
  179. # They override reactors configured in
  180. # 'salt:reactors' or the old 'salt:reactor' parameters
  181. reactors:
  182. - 'minion/deploy':
  183. - /srv/salt/reactors/deploy.sls
  184. # salt cloud config
  185. cloud:
  186. master: salt
  187. # For non-templated custom cloud provider/profile/map files
  188. providers:
  189. provider-filename1.conf:
  190. vmware-prod:
  191. driver: vmware
  192. user: myusernameprod
  193. password: mypassword
  194. vmware-nonprod:
  195. driver: vmware
  196. user: myusernamenonprod
  197. password: mypassword
  198. profiles:
  199. profile-filename1.conf:
  200. server-non-prod:
  201. clonefrom: rhel6xtemplatenp
  202. grains:
  203. platform:
  204. name: salt
  205. realm: lab
  206. subscription_level: standard
  207. memory: 8GB
  208. num_cpus: 4
  209. password: sUpErsecretey
  210. provider: vmware-nonprod
  211. maps:
  212. map-filename1.map:
  213. server-non-prod:
  214. - host.mycompany.com:
  215. grains:
  216. environment: dev1
  217. # You can take profile and map templates from an alternate location
  218. # if you want to write your own.
  219. template_sources:
  220. providers: salt://salt/files/cloud.providers.d
  221. profiles: salt://salt/files/cloud.profiles.d
  222. maps: salt://salt/files/cloud.maps.d
  223. # These settings are used by the default provider templates and
  224. # only need to be set for the ones you're using.
  225. aws_key: AWSKEYIJSHJAIJS6JSH
  226. aws_secret: AWSSECRETYkkDY1iQf9zRtl9+pW+Nm+aZY95
  227. gce_project: test
  228. gce_service_account_email_address: 867543072364-orl4h2tpp8jcn1tr9ipj@developer.gserviceaccount.com
  229. rsos_user: afeawofghob
  230. rsos_tenant: tenant_id_number
  231. rsos_apikey: WFJIOJEOIGHSOFHESO
  232. rsos_regions:
  233. - ORD
  234. - DFW
  235. - IAD
  236. - SYD
  237. - HKG
  238. ssh_roster:
  239. prod1:
  240. host: host.example.com
  241. user: ubuntu
  242. sudo: True
  243. priv: /etc/salt/ssh_keys/sshkey.pem
  244. gitfs:
  245. keys:
  246. global:
  247. # key and pub end up being the extension used on the key file. values other than key and pub are possible
  248. key: |
  249. -----BEGIN RSA PRIVATE KEY-----
  250. ...........
  251. -----END RSA PRIVATE KEY-----
  252. pub: |
  253. ...........
  254. # These reactors will be configured both in the minion and the master
  255. reactors:
  256. - 'deploy':
  257. - /srv/salt/reactors/deploy.sls
  258. salt_cloud_certs:
  259. aws:
  260. pem: |
  261. -----BEGIN RSA PRIVATE KEY-----
  262. ...........
  263. -----END RSA PRIVATE KEY-----
  264. gce:
  265. pem: |
  266. -----BEGIN RSA PRIVATE KEY-----
  267. ...........
  268. -----END RSA PRIVATE KEY-----
  269. salt_formulas:
  270. git_opts:
  271. # The Git options can be customized differently for each
  272. # environment, if an option is missing in a given environment, the
  273. # value from "default" is used instead.
  274. default:
  275. # URL where the formulas git repositories are downloaded from
  276. # it will be suffixed with <formula-name>.git
  277. baseurl: https://github.com/saltstack-formulas
  278. # Directory where Git repositories are downloaded
  279. basedir: /srv/formulas
  280. # Update the git repository to the latest version (False by default)
  281. update: False
  282. # Options passed directly to the git.latest state
  283. options:
  284. rev: master
  285. dev:
  286. basedir: /srv/formulas/dev
  287. update: True
  288. options:
  289. rev: develop
  290. # Options of the file.directory state that creates the directory where
  291. # the git repositories of the formulas are stored
  292. basedir_opts:
  293. makedirs: True
  294. user: root
  295. group: root
  296. mode: 755
  297. # List of formulas to enable in each environment
  298. list:
  299. base:
  300. - salt-formula
  301. - postfix-formula
  302. dev:
  303. - salt-formula
  304. - postfix-formula
  305. - openssh-formula